Infogov and GRC

Published by the BSI, BS 10012:2009 came into effect on 31st May and is now licensed for automation within Proteus.

The objective of this British Standard is to enable organizations to put in place, as part of the overall information governance infrastructure, a personal information management system (PIMS) which provides a framework for maintaining and improving compliance with data protection legislation and good practice.

The key piece of legislation in this area is The Data Protection Act 1998. This implements a European Directive (95/46/EC) and applies to “personal data” which is defined in the DPA as information relating to identifiable living individuals.

This British Standard uses the term “personal information” in place of the term “personal data”.

The DPA is regulated and enforced by the Information Commissioner, who is responsible for promoting the protection of personal information. The Information Commissioner promotes good practice by the issue of guidance, rules on eligible complaints, provides information to individuals and organizations and takes appropriate action when the law is broken.

This entry was posted on Tuesday, July 7th, 2009 at 6:24 pm and is filed under Infogov General News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.